Open prusnak opened 8 years ago
Well it results in a 20% increase in code size (a bit over 60K).
Reading up on the technique, it seems that its really a hardening technique and not a debugging technique. Its primary purpose is to prevent intentional buffer overflows that are used to inject malicious code.
Definitely not worth the 20% increase in code size in my books.
The reason for the ISR vector not fitting is that segment is fixed at 16K and the code that we stick in there increased enough that it no longer fits.
I would certainly appreciate if we could make this happen with a compile-time option. I am not suggesting it as default, but having it easily accessible.
I am starting this thread rather than sending a pull request, because I'd like to get more input on the issue first.
It seems that stack protector is turned off for stmhal port (#700).
Is there a significant reason why not to enable it?
My minimal changeset to enable it is here:
Couple of issues to resolve:
__stack_chk_guard
initialization? (obviously you want to have it closest to the beginning of the main function, but only after RNG is initialized)arm-none-eabi-ld: build-PYBV10/firmware.elf section
.isr_vector' will not fit in regionFLASH_ISR'
Ideas? Comments?